Synopsis
NNM has detected a FTP transfer of a file compressed with the ZIP algorithm.
Description
NNM has detected a FTP transfer of a file compressed with the ZIP algorithm. This file may contain malicious code, but probably not a direct threat. However, if the host attempting the download is a web server, email server, or other server, this behavior may be indicative of a system compromise.
Solution
Deploy a FTP proxy and block all the downloads of files ending in .zip. In addition, ensure desktop computers have antivirus software.
